CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4788 from Security-Onion-Solutions/fix/fbpipeline

Browse Source 
Only route to FB module pipeline if filebeat in metadata
This commit is contained in:
Mike Reeves
2021-07-13 11:40:58 -04:00
committed by GitHub
parent 35388056d3 7cdb967810
commit 6eab390962
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/logstash/pipelines/config/so/9050_output_filebeatmodules.conf.jinja
View File

@@ -6,7 +6,7 @@
{%- set ES_USER = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:user', '') %}
{%- set ES_PASS = salt['pillar.get']('elasticsearch:auth:users:so_elastic_user:pass', '') %}
output {
if [metadata][pipeline] {
if "filebeat" in [metadata][pipeline] {
elasticsearch {
id => "filebeat_modules_metadata_pipeline"
pipeline => "%{[metadata][pipeline]}"